CN104077538A - Method for privacy protection of data periodical issuing - Google Patents

Method for privacy protection of data periodical issuing

Publication number
CN104077538A
Authority
CN
China
Prior art keywords
grouping
data
gid
individual
extensive
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410321751.3A
Other languages
Chinese (zh)
Inventor
张志祥
金华
华进
韩小祥
朱鹏程
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nantong University
Original Assignee
Nantong University
Application filed by Nantong University

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254 Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 Querying
    • G06F16/248 Presentation of query results

Abstract

The invention relates to a method for privacy protection in periodic data publishing. When data are published for the first time, the original data records are scanned, individuals are identified and the records are recoded on that basis, and the first release is produced using a (k, l)-anonymity model that forms individual-associated SA groupings and preserves individual relevance. In each subsequent periodic release, the SA grouping distance between the same individual in the data to be published and in the previously published data is computed, and tuples are generalized for release by a local recoding method on the basis of an ε-grouping invariance rule. The individual relevance between the previous release and the current release is fully considered, so that the privacy information of individuals is protected.

Description

A privacy protection method for periodic data publishing
Technical field
The invention belongs to the field of information privacy protection and secure publishing, and specifically relates to a privacy protection method for periodic data publishing.
Background
Large amounts of medical information have significant value for statistical analysis and disease research. To meet needs such as sharing this private information and scientific research, the information must undergo privacy-preserving processing before release. K-anonymity is an important class of privacy protection technique for traditional tabular data, but it is only suitable for publishing static data, and it is also vulnerable to attack.
Medical data are usually published periodically. In addition, one individual may correspond to multiple records in the table to be published. When publishing, privacy protection should therefore be considered from the individual's perspective, and the relevance between the data sets published across multiple releases should be taken into account.
The attributes of a medical data table fall into three classes. Explicit identifiers (Identifier) are attributes that explicitly identify a user; to protect personal information, these attributes are usually deleted or encrypted before the data are published. Quasi-identifiers QI (Quasi Identifier) are a group of attributes that appear together in the privacy table and can be used, through linking, to identify an individual's information. Sensitive attributes SA (Sensitive Attribute) are attributes that contain an individual's private information.
Summary of the invention
To address the problems of privacy protection techniques for traditional tabular data, the invention provides a privacy protection method for periodic data publishing. It protects private information from the individual's perspective, resists linking attacks between tables, and preserves as much data utility as possible while protecting privacy.
To achieve the above object, the technical scheme of the invention is as follows: a privacy protection method for periodic data publishing, comprising the following steps:
(1) preprocess the table T to be published, generating the data table T(QI, GID, ID, SA);
(2) initialize the publishing table T*; T* is an empty anonymous table with the same structure as T(QI, GID, ID, SA);
(3) determine whether the data table T(QI, GID, ID, SA) is being published for the first time; if so, go to step (4), otherwise go to step (8);
(4) set the security protection parameters k, l and ε;
(5) generalize and publish table T(QI, GID, ID, SA);
(6) perform tuple retraction;
(7) check whether all records of table T(QI, GID, ID, SA) have been generalized; if not, go to step (5), otherwise go to step (12);
(8) compute the SA grouping distance of the same individual in T*(j-1) and T(j);
(9) according to the SA grouping distance, divide T(j) into two groups T′ and T″;
(10) publish T(j) based on the ε-grouping invariance rule;
(11) determine whether T″ has been fully generalized; if so, go to step (12), otherwise go to step (5);
(12) data publishing is complete, and table T* is the final privacy-protected release.
Further, in step (1) above, preprocessing the table to be published comprises the following steps:
(1.1) according to the classification of medical data attributes, mark the records in the table to be published that belong to the same individual with an ID, giving a table T(QI, ID, SA) over the three attribute classes;
(1.2) initialize each individual as one grouping and add a grouping label GID, giving T(QI, GID, ID, SA);
(1.3) merge the groupings that have identical QI;
(1.4) delete the explicit identifiers.
Further, in step (5) above, generalized publishing comprises the following steps:
(5.1) generalize the QI attributes of table T(QI, GID, ID, SA) using a bottom-up local recoding method;
(5.2) each round of generalization produces some groupings with identical QI; merge the groupings with identical QI and re-label GID;
(5.3) move the groupings that satisfy the individual-association (k, l)-anonymity constraint into the anonymous table T*.
Further, in step (5.3) above, the individual-association (k, l)-anonymity constraint is that the publishing table T*(QI, GID, ID, SA) must satisfy the following: any QI grouping in the table contains at least k different individuals and l individual-associated SA groupings whose distance is greater than a set value ε.
Further, in step (8) above, the method for computing the grouping distance comprises the following steps:
(8.1) determine the association degree between two sensitive attribute values v1 and v2 according to medical knowledge, denoted $R_{SA}(v1, v2)$, with $R_{SA} \in [0, 1]$; the closer $R_{SA}$ is to 1, the stronger the association, and when v1 = v2, $R_{SA} = 1$;
(8.2) compute the SA grouping distance from the association degree: let $G^{SA}_{I1}$ and $G^{SA}_{I2}$ be the SA groupings of two individuals I1 and I2 respectively; the sensitive attribute association degree between the two groupings can be expressed as , denoted $R_{SA}(I1, I2)$; the distance between the individuals' SA groupings can be expressed as $\min(1 - R_{SA}(I1, I2))$, denoted $Dis_{SA}(I1, I2)$.
Further, in step (10) above, the ε-grouping invariance rule requires the following: let the same individual appearing in tables T*(j-1) and T*(j) be denoted I′ and I″ respectively; if $Dis_{SA}(I', I'') \le \varepsilon$, then when individual I″ is published, the QI grouping containing I″ in table T*(j) must have the same number of individuals as the QI grouping containing I′ in T*(j-1), and the distances between corresponding individual groupings of the two QI groupings must all be less than or equal to ε.
The invention takes full account of the fact that in medical data one individual may correspond to multiple records, and that the same individual may have different QI attributes because attributes such as age change. During publishing, the individual-association (k, l)-anonymity constraint model considers privacy at the level of the individual as far as possible, rather than at the level of the record. In subsequent releases, the ε-grouping invariance rule takes full account of the individual relevance between two consecutive releases, thereby protecting individuals' private information.
Brief description of the drawings
Fig. 1 is a flowchart of the privacy protection method for periodic data publishing according to the invention.
Detailed description
The invention is further described below with reference to the drawing and a specific embodiment.
As shown in Fig. 1, the invention provides a privacy protection method for periodic data publishing, comprising the following steps:
(1) preprocess the table to be published, comprising the following steps:
(1.1) according to the classification of medical data attributes, mark the records in the table to be published that belong to the same individual with an ID, giving a table T(QI, ID, SA) over the three attribute classes; the table to be published in a specific embodiment of the invention is shown in Table 1;
Table 1
(1.2) initialize each individual as one grouping and add a grouping label GID, giving T(QI, GID, ID, SA);
(1.3) merge the groupings that have identical QI;
(1.4) delete the explicit identifiers; the result of preprocessing the table to be published in the specific embodiment is shown in Table 2;
Table 2
(2) initialize the publishing table T*; T* is an empty anonymous table with the same structure as T(QI, GID, ID, SA);
(3) determine whether the data table T(QI, GID, ID, SA) is being published for the first time; if so, go to step (4), otherwise go to step (8);
(4) set the security protection parameters k, l and ε, where k is the anonymity parameter, meaning that each QI grouping of the publishing table must contain at least k different individuals; l is the diversity parameter, meaning that each QI grouping of the publishing table contains at least l different SA groupings (the multiple sensitive attribute values belonging to the same individual form one SA grouping); ε is the SA grouping distance threshold, meaning that within each QI grouping of the publishing table the distance between SA groupings must be greater than ε;
(5) generalize and publish table T(QI, GID, ID, SA); generalized publishing is based on the individual-association-preserving (k, l)-anonymity constraint and comprises the following steps:
(5.1) generalize the QI attributes of table T(QI, GID, ID, SA) using a bottom-up local recoding method;
(5.2) each round of generalization produces some groupings with identical QI; merge the groupings with identical QI and re-label GID; in the specific embodiment, the result of generalizing Table 2 is shown in Table 3;
Table 3
(5.3) move the groupings that satisfy the individual-association (k, l)-anonymity constraint into the anonymous table T*; the individual-association (k, l)-anonymity constraint is that the publishing table T*(QI, GID, ID, SA) must satisfy the following: any QI grouping in the table contains at least k different individuals and l individual-associated SA groupings whose distance is greater than a set value ε.
(6) perform tuple retraction: check all groupings in the anonymous table T*; if a grouping still satisfies the individual-association (k, l)-anonymity constraint after the QI tuples of some individuals are removed from it, move those tuples back into table T(QI, GID, ID, SA);
(7) check whether all records of table T(QI, GID, ID, SA) have been generalized; if not, go to step (5), otherwise go to step (12);
(8) compute the SA grouping distance of the same individual in T*(j-1) and T(j), where T*(j-1) is the data published in release j-1 and T(j) is the data to be published in release j (j>1); the method for computing the grouping distance comprises the following steps:
(8.1) determine the association degree between two sensitive attribute values v1 and v2 according to medical knowledge; this association degree is the likelihood (as a percentage) that the same individual suffers from conditions v1 and v2 at the same time, denoted $R_{SA}(v1, v2)$, with $R_{SA} \in [0, 1]$; the closer $R_{SA}$ is to 1, the stronger the association, and when v1 = v2, $R_{SA} = 1$.
(8.2) compute the SA grouping distance from the association degree: let $G^{SA}_{I1}$ and $G^{SA}_{I2}$ be the SA groupings of two individuals I1 and I2 respectively; the sensitive attribute association degree between the two groupings can be expressed as , denoted $R_{SA}(I1, I2)$; the distance between the individuals' SA groupings can be expressed as $\min(1 - R_{SA}(I1, I2))$, denoted $Dis_{SA}(I1, I2)$.
(9) according to the SA grouping distance, divide T(j) into two groups T′ and T″: individuals whose distance is less than or equal to ε form record set T′, and the rest form record set T″;
(10) publish T(j) based on the ε-grouping invariance rule: process all individual records in record set T′ for release by selecting the records of one individual in T′ at a time, in order; according to that individual's QI grouping in table T*(j-1), take the individual together with record set T″ and generalize the tuples using the bottom-up local recoding method to construct a QI grouping that satisfies the ε-grouping invariance rule; add the resulting QI grouping to T*, and delete the corresponding records from T′ and T″. The ε-grouping invariance rule requires the following: let the same individual appearing in tables T*(j-1) and T*(j) be denoted I′ and I″ respectively; if $Dis_{SA}(I', I'') \le \varepsilon$, then when individual I″ is published, the QI grouping containing I″ in table T*(j) must have the same number of individuals as the QI grouping containing I′ in T*(j-1), and the distances between corresponding individual groupings of the two QI groupings must all be less than or equal to ε.
(11) determine whether T″ has been fully generalized; if so, go to step (12), otherwise go to step (5);
(12) data publishing is complete, and table T* is the final privacy-protected release.
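The following Python example is added here for illustration and is not code from the patent: it checks the individual-association (k, l)-anonymity constraint of step (5.3), performs the T′/T″ split of steps (8) and (9), and tests the ε-grouping invariance rule of step (10). The association table, function names and sample records are constructed; reading Dis_SA as the minimum of 1 − R_SA over value pairs, treating "corresponding" groupings as any one-to-one matching, and placing previously unseen individuals in T″ are assumptions.

```python
from itertools import combinations, permutations

# Constructed association degrees R_SA(v1, v2) in [0, 1]; the patent takes them
# from medical knowledge. Unlisted pairs are assumed unrelated (0.0).
R_SA = {
    frozenset({"flu", "pneumonia"}): 0.6,
    frozenset({"diabetes", "hypertension"}): 0.5,
}

def r_sa(v1, v2):
    """Association degree of two sensitive values; 1 when v1 == v2 (step 8.1)."""
    return 1.0 if v1 == v2 else R_SA.get(frozenset({v1, v2}), 0.0)

def dis_sa(g1, g2):
    """Dis_SA of two SA groupings: min of (1 - R_SA) over value pairs (assumed reading)."""
    return min(1.0 - r_sa(a, b) for a in g1 for b in g2)

def satisfies_kl(qi_group, k, l, eps):
    """qi_group maps individual ID -> SA grouping (set of sensitive values).
    True if it holds >= k individuals and l SA groupings pairwise farther than eps."""
    if len(qi_group) < k:
        return False
    groups = list(qi_group.values())
    return any(
        all(dis_sa(a, b) > eps for a, b in combinations(subset, 2))
        for subset in combinations(groups, l)
    )

def split_by_distance(prev_release, current, eps):
    """Steps (8)-(9): T' = individuals whose SA grouping moved at most eps since the
    previous release; T'' = the rest (new individuals go to T'' by assumption)."""
    t1, t2 = {}, {}
    for ind, sa in current.items():
        old = prev_release.get(ind)
        target = t1 if old is not None and dis_sa(old, sa) <= eps else t2
        target[ind] = sa
    return t1, t2

def keeps_invariance(prev_group, new_group, eps):
    """Epsilon-grouping invariance: same number of individuals, and some one-to-one
    matching of SA groupings with every matched pair within eps (assumed reading)."""
    if len(prev_group) != len(new_group):
        return False
    old = list(prev_group.values())
    return any(
        all(dis_sa(a, b) <= eps for a, b in zip(old, perm))
        for perm in permutations(new_group.values())
    )

# Constructed sample data: individual ID -> SA grouping.
EPS = 0.5
QI_GROUP = {1: {"flu"}, 2: {"pneumonia"}, 3: {"diabetes"}, 4: {"gastritis", "flu"}}
PREV = {1: {"flu"}, 2: {"diabetes"}, 3: {"gastritis"}}             # from T*(j-1)
CUR = {1: {"pneumonia"}, 2: {"hypertension"}, 3: {"flu"}, 5: {"flu"}}  # T(j)

if __name__ == "__main__":
    print("k=3, l=2:", satisfies_kl(QI_GROUP, 3, 2, EPS))
    print("k=3, l=3:", satisfies_kl(QI_GROUP, 3, 3, EPS))
    t_prime, t_dprime = split_by_distance(PREV, CUR, EPS)
    print("T':", sorted(t_prime), "T'':", sorted(t_dprime))
    print("invariant:", keeps_invariance({1: {"flu"}, 2: {"diabetes"}},
                                         {1: {"pneumonia"}, 9: {"hypertension"}}, EPS))
```

The sample QI grouping has four individuals but only two SA groupings that are mutually farther apart than ε, so it passes with l = 2 and fails with l = 3: counting distinct sensitive values alone would overstate its diversity.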

Claims (6)

1. A privacy protection method for periodic data publishing, characterized by comprising the following steps:
(1) preprocess the table T to be published, generating the data table T(QI, GID, ID, SA);
(2) initialize the publishing table T*; T* is an empty anonymous table with the same structure as T(QI, GID, ID, SA);
(3) determine whether the data table T(QI, GID, ID, SA) is being published for the first time; if so, go to step (4), otherwise go to step (8);
(4) set the security protection parameters k, l and ε;
(5) generalize and publish table T(QI, GID, ID, SA);
(6) perform tuple retraction;
(7) check whether all records of table T(QI, GID, ID, SA) have been generalized; if not, go to step (5), otherwise go to step (12);
(8) compute the SA grouping distance of the same individual in T*(j-1) and T(j);
(9) according to the SA grouping distance, divide T(j) into two groups T′ and T″;
(10) publish T(j) based on the ε-grouping invariance rule;
(11) determine whether T″ has been fully generalized; if so, go to step (12), otherwise go to step (5);
(12) data publishing is complete, and table T* is the final privacy-protected release.
2. The privacy protection method for periodic data publishing according to claim 1, characterized in that: in step (1), preprocessing the table to be published comprises the following steps:
(1.1) according to the classification of medical data attributes, mark the records in the table to be published that belong to the same individual with an ID, giving a table T(QI, ID, SA) over the three attribute classes;
(1.2) initialize each individual as one grouping and add a grouping label GID, giving T(QI, GID, ID, SA);
(1.3) merge the groupings that have identical QI;
(1.4) delete the explicit identifiers.
3. The privacy protection method for periodic data publishing according to claim 1, characterized in that: in step (5), the generalized publishing comprises the following steps:
(5.1) generalize the QI attributes of table T(QI, GID, ID, SA) using a bottom-up local recoding method;
(5.2) each round of generalization produces some groupings with identical QI; merge the groupings with identical QI and re-label GID;
(5.3) move the groupings that satisfy the individual-association (k, l)-anonymity constraint into the anonymous table T*.
4. The privacy protection method for periodic data publishing according to claim 3, characterized in that: in step (5.3), the individual-association (k, l)-anonymity constraint is that the publishing table T*(QI, GID, ID, SA) must satisfy the following: any QI grouping in the table contains at least k different individuals and l individual-associated SA groupings whose distance is greater than a set value ε.
5. The privacy protection method for periodic data publishing according to claim 1, characterized in that: in step (8), the method for computing the grouping distance comprises the following steps:
(8.1) determine the association degree between two sensitive attribute values v1 and v2 according to medical knowledge, denoted $R_{SA}(v1, v2)$, with $R_{SA} \in [0, 1]$; the closer $R_{SA}$ is to 1, the stronger the association, and when v1 = v2, $R_{SA} = 1$;
(8.2) compute the SA grouping distance from the association degree: let $G^{SA}_{I1}$ and $G^{SA}_{I2}$ be the SA groupings of two individuals I1 and I2 respectively; the sensitive attribute association degree between the two groupings can be expressed as , denoted $R_{SA}(I1, I2)$; the distance between the individuals' SA groupings can be expressed as $\min(1 - R_{SA}(I1, I2))$, denoted $Dis_{SA}(I1, I2)$.
6. The privacy protection method for periodic data publishing according to claim 1, characterized in that: in step (10), the ε-grouping invariance rule requires the following: let the same individual appearing in tables T*(j-1) and T*(j) be denoted I′ and I″ respectively; if $Dis_{SA}(I', I'') \le \varepsilon$, then when individual I″ is published, the QI grouping containing I″ in table T*(j) must have the same number of individuals as the QI grouping containing I′ in T*(j-1), and the distances between corresponding individual groupings of the two QI groupings must all be less than or equal to ε.
Application number: CN201410321751.3A; priority date: 2014-07-07; filing date: 2014-07-07; title: Method for privacy protection of data periodical issuing; status: Pending; publication: CN104077538A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20141001